OpenBSD Journal

2019-04-24, Calgary, Alberta, Canada and elsewhere: With a message sent to relevant mailing lists, Theo de Raadt (deraadt@) announced that the OpenBSD project's 46th release, OpenBSD 6.5 is now generally available from mirror sites all over the world.Notable changes include but are not limited to:

After doing active development on it for about a month,i just released version 1.0.0 of the DocBook to mdoc converter,docbook2mdoc(1).The OpenBSD port was updated, too.In a nutshell, docbook2mdoc was brought from experimental statusto an early release that can be considered mostly usable forproduction, though no doubt there are still many rough edges.That's why i called it 1.0.0 and not 1.1.1.Read more…

The stream of t2k19 hackathon reports continues with this from Christian Weisgerber (naddy@):

Fresh from the recent t2k19 hackathon in Taipei, Florian Obser (florian@)writes in with this report:

A new hackathon report has arrived, this time from Stefan Sperling (stsp@), who writes:

Kenneth R Westerback (krw@) wrote in with areport on his recent participation int2k19:

Fresh from the t2k19 hackathon comes a report from Anthony J. Bentley (bentley@), who writes:Seeing an Asia hackathon coming up was pretty exciting; I’d never been there before. I spent a month or so preparing by getting through the more mundane things in my backlog, mostly new ports and updates. That left my time in Taipei open to focus on fixing some bugs and broken things.Read more…

Ken Westerback (krw@) writes in with his report froma2k19,the hackathon in New Zealand:

Ingo Schwarze wrote in with the announcement of a new mandoc release. Ingo writes,

We are delighted to have received ana2k19 hackathonreport: Antoine Jacoutot (ajacoutot@) writes:

SSH is an awesome tool. Logging into other machines securely is sopervasive to us sysadmins nowadays that few of us think about what'sgoing on underneath. Even more so once you start using the moreadvanced features such as the ssh-agent,agent-forwarding andProxyJump. Whendoing so, care must be taken in order to notcompromise one's logins or ssh keys.Read more…

It's that time of year again; Theo (deraadt@) has just tagged 6.5-beta. A good reminder for us all run an extra test install and see if your favorite port still works as you expect.

Landry Breuil (landry@) hascommittedawork-in-progressFAQ section"Virtual Private Networks (VPN)":

Todd Mortimer (mortimer@) hascommittedimprovements to (the anti-ROP)"X86FixupGadgets" passofclang(1)for amd64 and i386:

Hrvoje Popovski wrote in to alert us that Martin Pieuchot (mpi@) has written a new blog post entitled Faster vlan(4) forwarding?, which leads in with

openrsync,a clean-room implementation ofrsync,is being developed byKristaps Dzonsonsas part ofthe rpki-client(1) project[featured in anearlier article].openrsync(1) has beenimported into the tree(as "rsync") by Sebastian Benoit (benno@):

Florian Obser (florian@) kindly wrote in with news on some recent work:

Fresh from thea2k19 hackathon,Joel Sing (jsing@) delivereda presentationat the2019 linux.conf.au.Video is now available.

Mike Larkin (mlarkin@) just committed support for 2TB of physical memory on the amd64 platform:

Peter Hessler (phessler@) hascommittedchangesto make it possible to join any open wifi network:Read more…

Withtwocommitsby Pratik Vyas (pd@),vmm(4) support for i386 host systems has been deleted (one can still run i386 guests under vmm on an amd64 host).The commit messages explain the reasoning behind this move:Read more…

Ian Darwin (ian@) wrote in to let us know that he's writtenan articlewhich is a follow-up to an Undeadlystory from a decade ago!The article provides a fine illustration of benefits of a bloat-freeOS.Thanks very much for the pointer, Ian.

Frederic Cambus (fcambus@) has just changed the default console font to Spleen, a font of his own creation:

Another major step forward just happened inmandoc(1)HTML output: paragraphs are now represented with real HTML<p> elements, and a number of cases were fixedin which mandoc used to generate output violating HTML syntax,mostly related to macros and requests that controlline fillingin paragraphs of text.Read more…

Tom Smyth has another article (and video) for us:

This contribution comes directly from Tom Smyth:

With the followingcommit,Theo de Raadt (deraadt@) released thesong for OpenBSD 6.2!

With thiscommit,Florian Obser (florian@) enabled DNSSEC validation in the defaultunbound.conf(5)in -current:

Gilles Chehade (gilles@) has written anotherpieceon progress inOpenSMTPDdevelopment.-current now has proc filters!

Otto Moerbeek (otto@) has issued aseries of Mastodon messagesexplaining some of the the virtues of OpenBSD'smalloc(3)implementation.They provide excellent reading in easily-digestible pieces.

Job Snijders (job@) has written anarticle at Mediumproposing rpki-client(1),a new, BSD-licensedRPKIvalidator.

Claudio Jeker (claudio@) wrote in to let us know that he and Job Snijders (job@) have writtenan article about OpenBGPDforRIPE Labs.

Right on the heels of the previous announcement, Kenneth R. Westerback (krw@) of the OpenBSD Foundation writes to inform us:

On his blog, joshua stein (jcs@) has a description of the hoops he jumped through to get stereo sound out of his Huawei Matebook X under OpenBSD (something that only worked under Windows with special drivers).His approach involves logging all PCI device accesses by running Windows in QEMU under Linux with VFIO, parsing that, and making the OpenBSD azalia(4) driver do the same.Thanks to joshua for the interesting write-up!

Kenneth R. Westerback (krw@) writes to inform us:

In this commit, Otto Moerbeek (otto@) moved malloc handling from a softlink in /etc to a sysctl instead.

Gilles Chehade (gilles@) has writtenan articleon recent progress inOpenSMTPD.It begins:

Returning readers are likely aware that OpenBSD in its OpenBSD/amd64 and OpenBSD/i386 varieties comes with virtualization built in, brought to you by the vmm(4) subsystem.

Earlier this week the OpenBSD foundation received its first Silver donation from an individual contributor. Thank you John Carmack for the very generous contribution! The support will ensure that many important projects are moving forward and continue making impact.

Ken Westerback (krw@ when wearing his dev hat) wrote in with some great news:

The release of OpenBSD 6.4 has beenannounced:

Ingo Schwarze (schwarze@) writes in about fresh developments in mandoc(1):

EuroBSDcon 2018is now over, and slides for OpenBSD-related presentations are now availablefrom theusual place.As always, there's some great reading there (especially for those of uswho were unable to attend the conference).Unfortunately, there will not be any video this year.

Fresh from the just concluded n2k18 hackathon comes this report from Ken Westerback(krw@),who writes:

In ashortseriesofcommits,Carlos Cardenas (ccardenas@) added support forqcow2image support to vmd(8).[This builds on anearlier commitadding support for pluggable disk backends.]The code was written by Ori Bernstein, who posted his diffs (thread 1, thread 2) to the tech@openbsd.org mailing list in August.Read more…

Anton Lindqvist (anton@) gave a talk atBSD Users Stockholm Meetup #3 on the kernel coverage tracing kit he committed recently.Slidesare now available via theOpenBSD Events and Papers page.The slides contain a list of bugs found and fixed as a result of this work.See also:kcov(4)

Ken Westerback (krw@ when wearing his dev hat) wrote in withsome great news:

In amessage to tech@,Theo de Raadt (deraadt@)gives an update on the state-of-play regarding processor vulnerabilities:

Theo de Raadt (deraadt@) hascommitteda diff to mitigate the"Intel L1TF screwup" for the amd64 platform we reported on earlier:

Theo de Raadt (deraadt@)posted to the tech@ mailing list with some background on how the latest discovered Intel CPUissues relate to OpenBSD.